CIAT – The Cryptographic Implementations Analysis Toolkit

Find your website's Achilles' Heel

The Cryptographic Implementations Analysis Toolkit (CIAT) is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). It is particularly helpful in the forensic analysis and reverse engineering of malware using cryptographic code and encrypted payloads.

This was an interesting find because it wasn’t too long ago I published a post about Mediggo, a Tool To Detect Weak Or Insecure Cryptosystems Using Generic Cryptanalysis Techniques.


Windows Binaries included in this distribution as well as supporting libraries were compiled using gcc, Mingw and Msys.

Linux binaries were compiled using gcc 4.1.2. They were tested from command line in machine with Windows Vista Home Premium (32 bit + SP1) and on Linux Gentoo 2008.0 X86 operating systems.

They should run without problems in any computer with Windows 2000, XP or VISTA 32bit and any Linux x86 with Mesa3-D, but I cannot guarantee that. If you have problems with these
binaries or want to run the programs in other platform you’ll need to compile them yourself.


Version 1.02 includes standard configuration scripts for Unix like systems. The old Makefile (Makefile.linux32) is still included; if you use Windows I suggest you use MINGW+MSYS.

You can download CIAT v1.02 here:

Or read more here.

Posted in: Cryptography, Forensics

, , , , , , , , ,

Recent in Cryptography:
- Up1 – Client Side Encrypted Image Host
- PEiD – Detect PE Packers, Cryptors & Compilers
- DROWN Attack on TLS – Everything You Need To Know

Related Posts:

Most Read in Cryptography:
- The World’s Fastest MD5 Cracker – BarsWF - 47,850 views
- Hackers Crack London Tube Oyster Card - 45,325 views
- WPA2 Vulnerability Discovered – “Hole 196” – A Flaw In GTK (Group Temporal Key) - 33,309 views

Comments are closed.